I like the idea of storing an encoded-pickled version of the form data in a hidden field. I'm concerned about privacy implications with sharing that data with the client. What about encrypting the contents too? The server could have a private key that it encrypts the serialized form data and decrypts on submission.
I'm mainly concerned with the scenario where credit cards are used as part of the form. I haven't found too many supported cryptography libraries for python though. I'd envision: base64.encodestring( crypto.encrypt(key, pickle.dumps(self.data))) and base64.loads( crypto.decrypt(key, base64.decodestring( form_data ))) *(I made up the crypto library for demonstration) --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Django developers" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/django-developers?hl=en -~----------~----~----~----~------~----~------~--~---
